chrissewell/beelzebub
1
0
Fork 0
mirror of https://github.com/mariocandela/beelzebub.git synced 2025-07-01 18:47:26 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1 from mariocandela/Tracer

Browse Source 
Improve Tracer Event and configured on SSH Strategy
This commit is contained in:
Mario Candela
2022-05-09 23:24:04 +02:00
committed by GitHub
parent e8cc074c64 e1a1f20e6c
commit 714f15db0f
5 changed files with 95 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
protocols/hypertextTransferProtocolStrategy.go
View File

@ -2,6 +2,7 @@ package protocols
import ( import (
"beelzebub/parser" "beelzebub/parser"
"beelzebub/tracer"
"fmt" "fmt"
log "github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
"io" "io"
@ -15,7 +16,7 @@ type HypertextTransferProtocolStrategy struct {
beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration
} }
func (httpStrategy HypertextTransferProtocolStrategy) Init(beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration) error { func (httpStrategy HypertextTransferProtocolStrategy) Init(beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration, tr tracer.Tracer) error {
httpStrategy.beelzebubServiceConfiguration = beelzebubServiceConfiguration httpStrategy.beelzebubServiceConfiguration = beelzebubServiceConfiguration
httpStrategy.serverMux = http.NewServeMux() httpStrategy.serverMux = http.NewServeMux()

12
protocols/protocolManager.go
View File

@ -1,13 +1,19 @@
package protocols package protocols
import "beelzebub/parser" import (
"beelzebub/parser"
"beelzebub/tracer"
)
type ProtocolManager struct { type ProtocolManager struct {
strategy ServiceStrategy strategy ServiceStrategy
tracer *tracer.Tracer
} }
func (pm *ProtocolManager) InitServiceManager() *ProtocolManager { func (pm *ProtocolManager) InitServiceManager() *ProtocolManager {
return &ProtocolManager{} return &ProtocolManager{
tracer: tracer.Init(),
}
} }
func (pm *ProtocolManager) SetProtocolStrategy(strategy ServiceStrategy) { func (pm *ProtocolManager) SetProtocolStrategy(strategy ServiceStrategy) {
@ -15,5 +21,5 @@ func (pm *ProtocolManager) SetProtocolStrategy(strategy ServiceStrategy) {
} }
func (pm *ProtocolManager) InitService(beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration) error { func (pm *ProtocolManager) InitService(beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration) error {
return pm.strategy.Init(beelzebubServiceConfiguration) return pm.strategy.Init(beelzebubServiceConfiguration, *pm.tracer)
} }

7
protocols/protocolStrategy.go
View File

@ -1,7 +1,10 @@
package protocols package protocols
import "beelzebub/parser" import (
"beelzebub/parser"
"beelzebub/tracer"
)
type ServiceStrategy interface { type ServiceStrategy interface {
Init(beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration) error Init(beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration, tracer tracer.Tracer) error
} }

75
protocols/secureShellStrategy.go
View File

@ -2,19 +2,21 @@ package protocols
import ( import (
"beelzebub/parser" "beelzebub/parser"
"beelzebub/tracer"
"fmt" "fmt"
"github.com/gliderlabs/ssh" "github.com/gliderlabs/ssh"
"github.com/google/uuid" "github.com/google/uuid"
log "github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
"golang.org/x/crypto/ssh/terminal" "golang.org/x/crypto/ssh/terminal"
"regexp" "regexp"
"strings"
"time" "time"
) )
type SecureShellStrategy struct { type SecureShellStrategy struct {
} }
func (SSHStrategy *SecureShellStrategy) Init(beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration) error { func (SSHStrategy *SecureShellStrategy) Init(beelzebubServiceConfiguration parser.BeelzebubServiceConfiguration, tr tracer.Tracer) error {
go func() { go func() {
server := &ssh.Server{ server := &ssh.Server{
Addr: beelzebubServiceConfiguration.Address, Addr: beelzebubServiceConfiguration.Address,
@ -23,14 +25,30 @@ func (SSHStrategy *SecureShellStrategy) Init(beelzebubServiceConfiguration parse
Version: beelzebubServiceConfiguration.ServerVersion, Version: beelzebubServiceConfiguration.ServerVersion,
Handler: func(sess ssh.Session) { Handler: func(sess ssh.Session) {
uuidSession := uuid.New() uuidSession := uuid.New()
traceSessionStart(sess, uuidSession)
tr.TraceEvent(tracer.Event{
Msg: "New SSH Session",
Protocol: beelzebubServiceConfiguration.Protocol,
RemoteAddr: sess.RemoteAddr().String(),
Status: tracer.Start,
ID: uuidSession.String(),
Environ: strings.Join(sess.Environ(), ","),
User: sess.User(),
})
term := terminal.NewTerminal(sess, buildPrompt(sess.User(), beelzebubServiceConfiguration.ServerName)) term := terminal.NewTerminal(sess, buildPrompt(sess.User(), beelzebubServiceConfiguration.ServerName))
for { for {
commandInput, err := term.ReadLine() commandInput, err := term.ReadLine()
if err != nil { if err != nil {
break break
} }
traceCommand(commandInput, uuidSession) tr.TraceEvent(tracer.Event{
Msg: "New SSH Command",
RemoteAddr: sess.RemoteAddr().String(),
Status: tracer.Interaction,
Command: commandInput,
ID: uuidSession.String(),
})
if commandInput == "exit" { if commandInput == "exit" {
break break
} }
@ -47,10 +65,21 @@ func (SSHStrategy *SecureShellStrategy) Init(beelzebubServiceConfiguration parse
} }
} }
} }
traceSessionEnd(sess, uuidSession) tr.TraceEvent(tracer.Event{
Msg: "End SSH Session",
Status: tracer.End,
ID: uuidSession.String(),
})
}, },
PasswordHandler: func(ctx ssh.Context, password string) bool { PasswordHandler: func(ctx ssh.Context, password string) bool {
traceAttempt(ctx, password) tr.TraceEvent(tracer.Event{
Msg: "New SSH attempt",
Status: tracer.Stateless,
User: ctx.User(),
Password: password,
Client: ctx.ClientVersion(),
RemoteAddr: ctx.RemoteAddr().String(),
})
matched, err := regexp.MatchString(beelzebubServiceConfiguration.PasswordRegex, password) matched, err := regexp.MatchString(beelzebubServiceConfiguration.PasswordRegex, password)
if err != nil { if err != nil {
log.Errorf("Error regex: %s, %s", beelzebubServiceConfiguration.PasswordRegex, err.Error()) log.Errorf("Error regex: %s, %s", beelzebubServiceConfiguration.PasswordRegex, err.Error())
@ -75,39 +104,3 @@ func (SSHStrategy *SecureShellStrategy) Init(beelzebubServiceConfiguration parse
func buildPrompt(user string, serverName string) string { func buildPrompt(user string, serverName string) string {
return fmt.Sprintf("%s@%s:~$ ", user, serverName) return fmt.Sprintf("%s@%s:~$ ", user, serverName)
} }
func traceAttempt(ctx ssh.Context, password string) {
log.WithFields(log.Fields{
"remoteAddr": ctx.RemoteAddr(),
"user": ctx.User(),
"password": password,
"client": ctx.ClientVersion(),
}).Info("New SSH attempt")
}
func traceSessionStart(sess ssh.Session, uuidSession uuid.UUID) {
log.WithFields(log.Fields{
"uuidSession": uuidSession,
"remoteAddr": sess.RemoteAddr(),
"command": sess.Command(),
"environ": sess.Environ(),
"user": sess.User(),
}).Info("New SSH Session")
}
func traceSessionEnd(sess ssh.Session, uuidSession uuid.UUID) {
log.WithFields(log.Fields{
"uuidSession": uuidSession,
"remoteAddr": sess.RemoteAddr(),
"command": sess.Command(),
"environ": sess.Environ(),
"user": sess.User(),
}).Info("End SSH Session")
}
func traceCommand(command string, uuidSession uuid.UUID) {
log.WithFields(log.Fields{
"uuidSession": uuidSession,
"command": command,
}).Info("New SSH Command")
}

45
tracer/tracer.go Normal file
View File

@ -0,0 +1,45 @@
package tracer
import (
log "github.com/sirupsen/logrus"
)
type Tracer struct {
}
func Init() *Tracer {
return &Tracer{}
}
func (tracer *Tracer) TraceEvent(event Event) {
log.WithFields(log.Fields{
"status": event.Status.String(),
"event": event,
}).Info("New Event")
}
type Event struct {
RemoteAddr string
Protocol string
Command string
Status Status
Msg string
ID string
Environ string
User string
Password string
Client string
}
type Status int
const (
Start Status = iota
End
Stateless
Interaction
)
func (status Status) String() string {
return [...]string{"Start", "End", "Stateless", "Interaction"}[status]
}